Print this page
uts: Allow for address space randomisation.
Randomise the base addresses of shared objects, non-fixed mappings, the
stack and the heap.  Introduce a service, svc:/system/process-security,
and a tool psecflags(1) to control and observe it


 419                 fdesc1.slf_offset += 2 * fdesc1.slf_eltlen;
 420                 i += 2;
 421         }
 422 
 423         indent_exit(state);
 424 }
 425 
 426 
 427 /*
 428  * Output information from auxv_t structure.
 429  */
 430 static void
 431 dump_auxv(note_state_t *state, const char *title)
 432 {
 433         const sl_auxv_layout_t  *layout = state->ns_arch->auxv;
 434         union {
 435                 Conv_cap_val_hw1_buf_t          hw1;
 436                 Conv_cap_val_hw2_buf_t          hw2;
 437                 Conv_cnote_auxv_af_buf_t        auxv_af;
 438                 Conv_ehdr_flags_buf_t           ehdr_flags;

 439                 Conv_inv_buf_t                  inv;
 440         } conv_buf;
 441         sl_fmtbuf_t     buf;
 442         int             ndx, ndx_start;
 443         Word            sizeof_auxv;
 444 
 445         sizeof_auxv = layout->sizeof_struct.slf_eltlen;
 446 
 447         indent_enter(state, title, &layout->sizeof_struct);
 448 
 449         /*
 450          * Immediate indent_exit() restores the indent level to
 451          * that of the title. We include indentation as part of
 452          * the index string, which is right justified, and don't
 453          * want the usual indentation spacing.
 454          */
 455         indent_exit(state);
 456 
 457         ndx = 0;
 458         while (state->ns_len > sizeof_auxv) {


 470                         a_type_next = layout->a_type;
 471                         a_type_next.slf_offset += sizeof_auxv;
 472                         while ((state->ns_len - sizeof_auxv) >= sizeof_auxv) {
 473                                 type = extract_as_word(state, &a_type_next);
 474                                 if (type != AT_NULL)
 475                                         break;
 476                                 ndx++;
 477                                 state->ns_data += sizeof_auxv;
 478                                 state->ns_len -= sizeof_auxv;
 479                         }
 480                         num_fmt = SL_FMT_NUM_HEX;
 481                         break;
 482 
 483 
 484 
 485                 case AT_IGNORE:
 486                 case AT_SUN_IFLUSH:
 487                         num_fmt = SL_FMT_NUM_HEX;
 488                         break;
 489 





 490                 case AT_EXECFD:
 491                 case AT_PHENT:
 492                 case AT_PHNUM:
 493                 case AT_PAGESZ:
 494                 case AT_SUN_UID:
 495                 case AT_SUN_RUID:
 496                 case AT_SUN_GID:
 497                 case AT_SUN_RGID:
 498                 case AT_SUN_LPAGESZ:
 499                         num_fmt = SL_FMT_NUM_DEC;
 500                         break;
 501 
 502                 case AT_FLAGS:  /* processor flags */
 503                         w = extract_as_word(state, &layout->a_val);
 504                         vstr = conv_ehdr_flags(state->ns_mach, w,
 505                             0, &conv_buf.ehdr_flags);
 506                         break;
 507 
 508                 case AT_SUN_HWCAP:
 509                         w = extract_as_word(state, &layout->a_val);


 810 #undef NELTS
 811 }
 812 
 813 
 814 /*
 815  * Output information from timestruc_t structure.
 816  */
 817 static void
 818 dump_timestruc(note_state_t *state, const char *title)
 819 {
 820         const sl_timestruc_layout_t *layout = state->ns_arch->timestruc;
 821 
 822         indent_enter(state, title, &layout->tv_sec);
 823 
 824         PRINT_DEC_2UP(MSG_ORIG(MSG_CNOTE_T_TV_SEC), tv_sec,
 825             MSG_ORIG(MSG_CNOTE_T_TV_NSEC), tv_nsec);
 826 
 827         indent_exit(state);
 828 }
 829 




















 830 
 831 /*
 832  * Output information from utsname structure.
 833  */
 834 static void
 835 dump_utsname(note_state_t *state, const char *title)
 836 {
 837         const sl_utsname_layout_t       *layout = state->ns_arch->utsname;
 838 
 839         indent_enter(state, title, &layout->sysname);
 840 
 841         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_SYSNAME), sysname);
 842         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_NODENAME), nodename);
 843         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_RELEASE), release);
 844         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_VERSION), version);
 845         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_MACHINE), machine);
 846 
 847         indent_exit(state);
 848 }
 849 


1080                 w = extract_as_word(state, &layout->pr_dmodel);
1081                 print_str(state, MSG_ORIG(MSG_CNOTE_T_PR_DMODEL),
1082                     conv_cnote_pr_dmodel(w, 0, &conv_buf.inv));
1083         }
1084 
1085         PRINT_DEC_2UP(MSG_ORIG(MSG_CNOTE_T_PR_TASKID), pr_taskid,
1086             MSG_ORIG(MSG_CNOTE_T_PR_PROJID), pr_projid);
1087         PRINT_DEC_2UP(MSG_ORIG(MSG_CNOTE_T_PR_NZOMB), pr_nzomb,
1088             MSG_ORIG(MSG_CNOTE_T_PR_ZONEID), pr_zoneid);
1089 
1090         /*
1091          * In order to line up all the values in a single column,
1092          * we would have to set vcol to a very high value, which results
1093          * in ugly looking output that runs off column 80. So, we use
1094          * two levels of vcol, one for the contents so far, and a
1095          * higher one for the pr_lwp sub-struct.
1096          */
1097         state->ns_vcol += 5;
1098         state->ns_t2col += 5;
1099         state->ns_v2col += 5;




1100         PRINT_SUBTYPE(MSG_ORIG(MSG_CNOTE_T_PR_LWP), pr_lwp, dump_lwpstatus);
1101         state->ns_vcol -= 5;
1102         state->ns_t2col -= 5;
1103         state->ns_v2col -= 5;
1104 
1105         indent_exit(state);
1106 }
1107 
1108 
1109 /*
1110  * Output information from prstatus_t (<sys/old_procfs.h>) structure.
1111  */
1112 static void
1113 dump_prstatus(note_state_t *state, const char *title)
1114 {
1115         const sl_prstatus_layout_t      *layout = state->ns_arch->prstatus;
1116         Word                            w, w2;
1117         int                             i;
1118         union {
1119                 Conv_inv_buf_t                  inv;




 419                 fdesc1.slf_offset += 2 * fdesc1.slf_eltlen;
 420                 i += 2;
 421         }
 422 
 423         indent_exit(state);
 424 }
 425 
 426 
 427 /*
 428  * Output information from auxv_t structure.
 429  */
 430 static void
 431 dump_auxv(note_state_t *state, const char *title)
 432 {
 433         const sl_auxv_layout_t  *layout = state->ns_arch->auxv;
 434         union {
 435                 Conv_cap_val_hw1_buf_t          hw1;
 436                 Conv_cap_val_hw2_buf_t          hw2;
 437                 Conv_cnote_auxv_af_buf_t        auxv_af;
 438                 Conv_ehdr_flags_buf_t           ehdr_flags;
 439                 Conv_secflags_buf_t             secflags;
 440                 Conv_inv_buf_t                  inv;
 441         } conv_buf;
 442         sl_fmtbuf_t     buf;
 443         int             ndx, ndx_start;
 444         Word            sizeof_auxv;
 445 
 446         sizeof_auxv = layout->sizeof_struct.slf_eltlen;
 447 
 448         indent_enter(state, title, &layout->sizeof_struct);
 449 
 450         /*
 451          * Immediate indent_exit() restores the indent level to
 452          * that of the title. We include indentation as part of
 453          * the index string, which is right justified, and don't
 454          * want the usual indentation spacing.
 455          */
 456         indent_exit(state);
 457 
 458         ndx = 0;
 459         while (state->ns_len > sizeof_auxv) {


 471                         a_type_next = layout->a_type;
 472                         a_type_next.slf_offset += sizeof_auxv;
 473                         while ((state->ns_len - sizeof_auxv) >= sizeof_auxv) {
 474                                 type = extract_as_word(state, &a_type_next);
 475                                 if (type != AT_NULL)
 476                                         break;
 477                                 ndx++;
 478                                 state->ns_data += sizeof_auxv;
 479                                 state->ns_len -= sizeof_auxv;
 480                         }
 481                         num_fmt = SL_FMT_NUM_HEX;
 482                         break;
 483 
 484 
 485 
 486                 case AT_IGNORE:
 487                 case AT_SUN_IFLUSH:
 488                         num_fmt = SL_FMT_NUM_HEX;
 489                         break;
 490 
 491                 case AT_SUN_SECFLAGS:
 492                         w = extract_as_word(state, &layout->a_val);
 493                         vstr = conv_psecflags(w, 0, &conv_buf.secflags);
 494                         break;
 495 
 496                 case AT_EXECFD:
 497                 case AT_PHENT:
 498                 case AT_PHNUM:
 499                 case AT_PAGESZ:
 500                 case AT_SUN_UID:
 501                 case AT_SUN_RUID:
 502                 case AT_SUN_GID:
 503                 case AT_SUN_RGID:
 504                 case AT_SUN_LPAGESZ:
 505                         num_fmt = SL_FMT_NUM_DEC;
 506                         break;
 507 
 508                 case AT_FLAGS:  /* processor flags */
 509                         w = extract_as_word(state, &layout->a_val);
 510                         vstr = conv_ehdr_flags(state->ns_mach, w,
 511                             0, &conv_buf.ehdr_flags);
 512                         break;
 513 
 514                 case AT_SUN_HWCAP:
 515                         w = extract_as_word(state, &layout->a_val);


 816 #undef NELTS
 817 }
 818 
 819 
 820 /*
 821  * Output information from timestruc_t structure.
 822  */
 823 static void
 824 dump_timestruc(note_state_t *state, const char *title)
 825 {
 826         const sl_timestruc_layout_t *layout = state->ns_arch->timestruc;
 827 
 828         indent_enter(state, title, &layout->tv_sec);
 829 
 830         PRINT_DEC_2UP(MSG_ORIG(MSG_CNOTE_T_TV_SEC), tv_sec,
 831             MSG_ORIG(MSG_CNOTE_T_TV_NSEC), tv_nsec);
 832 
 833         indent_exit(state);
 834 }
 835 
 836 /*
 837  * Output information from psecflags_t structure.
 838  */
 839 static void
 840 dump_secflags(note_state_t *state, const char *title)
 841 {
 842         const sl_psecflags_layout_t *layout = state->ns_arch->psecflags;
 843         Conv_secflags_buf_t inv;
 844         Word w;
 845 
 846         indent_enter(state, title, &layout->psf_effective);
 847 
 848         w = extract_as_word(state, &layout->psf_effective);
 849         print_str(state, MSG_ORIG(MSG_CNOTE_T_PSF_EFFECTIVE),
 850             conv_psecflags(w, 0, &inv));
 851 
 852         w = extract_as_word(state, &layout->psf_inherit);
 853         print_str(state, MSG_ORIG(MSG_CNOTE_T_PSF_INHERIT),
 854             conv_psecflags(w, 0, &inv));
 855 }
 856 
 857 /*
 858  * Output information from utsname structure.
 859  */
 860 static void
 861 dump_utsname(note_state_t *state, const char *title)
 862 {
 863         const sl_utsname_layout_t       *layout = state->ns_arch->utsname;
 864 
 865         indent_enter(state, title, &layout->sysname);
 866 
 867         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_SYSNAME), sysname);
 868         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_NODENAME), nodename);
 869         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_RELEASE), release);
 870         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_VERSION), version);
 871         PRINT_STRBUF(MSG_ORIG(MSG_CNOTE_T_UTS_MACHINE), machine);
 872 
 873         indent_exit(state);
 874 }
 875 


1106                 w = extract_as_word(state, &layout->pr_dmodel);
1107                 print_str(state, MSG_ORIG(MSG_CNOTE_T_PR_DMODEL),
1108                     conv_cnote_pr_dmodel(w, 0, &conv_buf.inv));
1109         }
1110 
1111         PRINT_DEC_2UP(MSG_ORIG(MSG_CNOTE_T_PR_TASKID), pr_taskid,
1112             MSG_ORIG(MSG_CNOTE_T_PR_PROJID), pr_projid);
1113         PRINT_DEC_2UP(MSG_ORIG(MSG_CNOTE_T_PR_NZOMB), pr_nzomb,
1114             MSG_ORIG(MSG_CNOTE_T_PR_ZONEID), pr_zoneid);
1115 
1116         /*
1117          * In order to line up all the values in a single column,
1118          * we would have to set vcol to a very high value, which results
1119          * in ugly looking output that runs off column 80. So, we use
1120          * two levels of vcol, one for the contents so far, and a
1121          * higher one for the pr_lwp sub-struct.
1122          */
1123         state->ns_vcol += 5;
1124         state->ns_t2col += 5;
1125         state->ns_v2col += 5;
1126 
1127         PRINT_SUBTYPE(MSG_ORIG(MSG_CNOTE_T_PR_SECFLAGS), pr_secflags,
1128             dump_secflags);
1129 
1130         PRINT_SUBTYPE(MSG_ORIG(MSG_CNOTE_T_PR_LWP), pr_lwp, dump_lwpstatus);
1131         state->ns_vcol -= 5;
1132         state->ns_t2col -= 5;
1133         state->ns_v2col -= 5;
1134 
1135         indent_exit(state);
1136 }
1137 
1138 
1139 /*
1140  * Output information from prstatus_t (<sys/old_procfs.h>) structure.
1141  */
1142 static void
1143 dump_prstatus(note_state_t *state, const char *title)
1144 {
1145         const sl_prstatus_layout_t      *layout = state->ns_arch->prstatus;
1146         Word                            w, w2;
1147         int                             i;
1148         union {
1149                 Conv_inv_buf_t                  inv;